System Administrator's Guide - Red Hat Customer Portal. The Open Linux Management Infrastructure, commonly abbreviated as Open. LMI, is a common infrastructure for the management of Linux systems. It builds on top of existing tools and serves as an abstraction layer in order to hide much of the complexity of the underlying system from system administrators. Open. LMI is distributed with a set of services that can be accessed locally or remotely and provides multiple language bindings, standard APIs, and standard scripting interfaces that can be used to manage and monitor hardware, operating systems, and system services. Open. LMI is designed to provide a common management interface to production servers running the Red Hat Enterprise Linux system on both physical and virtual machines. It consists of the following three components. System management agents — these agents are installed on a managed system and implement an object model that is presented to a standard object broker. The initial agents implemented in Open. LMI include storage configuration and network configuration, but later work will address additional elements of system management. The system management agents are commonly referred to as Common Information Model providers or CIM providers. An integrated circuit or monolithic integrated circuit (also referred to as an IC, a chip, or a microchip) is a set of electronic circuits on one small flat piece (or. A standard object broker — the object broker manages system management agents and provides an interface to them. The standard object broker is also known as a CIM Object Monitor or CIMOM. The Hollywood Reporter is your source for breaking news about Hollywood and entertainment, including movies, TV, reviews and industry blogs.Client applications and scripts — the client applications and scripts call the system management agents through the standard object broker. The Open. LMI project complements existing management initiatives by providing a low- level interface that can be used by scripts or system management consoles. Interfaces distributed with Open. LMI include C, C++, Python, Java, and an interactive command line client, and all of them offer the same full access to the capabilities implemented in each agent. This ensures that you always have access to exactly the same capabilities no matter which programming interface you decide to use.
The following are key benefits of installing and using Open. LMI on your system. Open. LMI provides a standard interface for configuration, management, and monitoring of your local and remote systems. It allows you to configure, manage, and monitor production servers running on both physical and virtual machines. It is distributed with a collection of CIM providers that allow you to configure, manage, and monitor storage devices and complex networks.It allows you to call system management functions from C, C++, Python, and Java programs, and includes LMIShell, which provides a command line interface. Adobe Download Manager Firewall Ports Ping . Far Cry Patch 1 0 Download Speed there. It is free software based on open industry standards. Management Capabilities. Key capabilities of Open. LMI include the management of storage devices, networks, system services, user accounts, hardware and software configuration, power management, and interaction with Active Directory. For a complete list of CIM providers that are distributed with Red Hat Enterprise Linux 7, see Table 2. Available CIM Providers”. Table 2. 0. 1. Available CIM Providers. Package Name. Descriptionopenlmi- account. A CIM provider for managing user accounts. A CIM provider for reading files and directories. A CIM provider for network management. A CIM provider for power management. A CIM provider for managing system services. A CIM provider for storage management. A CIM provider for controlling computer fans. A CIM provider for retrieving hardware information. A CIM provider for configuring realmd. A CIM provider for software management. Open. LMI is distributed as a collection of RPM packages that include the CIMOM, individual CIM providers, and client applications. This allows you distinguish between a managed and client system and install only those components you need. Installing Open. LMI on a Managed System. A managed system is the system you intend to monitor and manage by using the Open. LMI client tools. To install Open. LMI on a managed system, complete the following steps. Install the tog- pegasus package by typing the following at a shell prompt as root. This command installs the Open. Pegasus CIMOM and all its dependencies to the system and creates a user account for the pegasus user. Install required CIM providers by running the following command as root. This command installs the CIM providers for storage, network, service, account, and power management. For a complete list of CIM providers distributed with Red Hat Enterprise Linux 7, see Table 2. Available CIM Providers”. Edit the /etc/Pegasus/access. Open. Pegasus CIMOM. By default, only the pegasus user is allowed to access the CIMOM both remotely and locally. To activate this user account, run the following command as root to set the user's password. Start the Open. Pegasus CIMOM by activating the tog- pegasus. To activate the tog- pegasus. To configure the tog- pegasus. If you intend to interact with the managed system from a remote machine, enable TCP communication on port 5. To open this port in the current session, run the following command as root. To open port 5. 98. TCP communication permanently, type as root. Installing Open. LMI on a Client System. A client system is the system from which you intend to interact with the managed system. In a typical scenario, the client system and the managed system are installed on two separate machines, but you can also install the client tools on the managed system and interact with it directly. To install Open. LMI on a client system, complete the following steps. Install the openlmi- tools package by typing the following at a shell prompt as root. This command installs LMIShell, an interactive client and interpreter for accessing CIM objects provided by Open. Pegasus, and all its dependencies to the system. Configuring SSL Certificates for Open. Pegasus. Open. LMI uses the Web- Based Enterprise Management (WBEM) protocol that functions over an HTTP transport layer. Standard HTTP Basic authentication is performed in this protocol, which means that the user name and password are transmitted alongside the requests. Configuring the Open. Pegasus CIMOM to use HTTPS for communication is necessary to ensure secure authentication. A Secure Sockets Layer (SSL) or Transport Layer Security (TLS) certificate is required on the managed system to establish an encrypted channel. There are two ways of managing SSL/TLS certificates on a system. Self- signed certificates require less infrastructure to use, but are more difficult to deploy to clients and manage securely. Authority- signed certificates are easier to deploy to clients once they are set up, but may require a greater initial investment. When using an authority- signed certificate, it is necessary to configure a trusted certificate authority on the client systems. The authority can then be used for signing all of the managed systems' CIMOM certificates. Certificates can also be part of a certificate chain, so the certificate used for signing the managed systems' certificates may in turn be signed by another, higher authority (such as Verisign, CAcert, RSA and many others). Table 2. 0. 2. Certificate and Trust Store Locations. Configuration Option. Location. Descriptionssl. Certificate. File. Path/etc/Pegasus/server. Public certificate of the CIMOM. Key. File. Path/etc/Pegasus/file. Private key known only to the CIMOM. Trust. Store/etc/Pegasus/client. The file or directory providing the list of trusted certificate authorities. Managing Self- signed Certificates. A self- signed certificate uses its own private key to sign itself and it is not connected to any chain of trust. On a managed system, if certificates have not been provided by the administrator prior to the first time that the tog- pegasus service is started, a set of self- signed certificates will be automatically generated using the system's primary host name as the certificate subject. The automatically generated self- signed certificates are valid by default for 1. Any modification to these certificates will require manually creating new certificates following guidelines provided by the Open. SSL or Mozilla NSS documentation on the subject. To configure client systems to trust the self- signed certificate, complete the following steps. Copy the /etc/Pegasus/server. To do so, type the following at a shell prompt as root. Pegasus/server. pem /etc/pki/ca- trust/source/anchors/pegasus- hostname. Replace hostname with the host name of the managed system.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
November 2017
Categories |